Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@sabinthedev/fastify-prisma
Advanced tools
A plugin for Fastify to easily register Prisma Client in your Fastify instance
To use this package, first install it:
npm i @sabinthedev/fastify-prisma
In order to use this package, you will need Prisma set up in your project and Prisma Client generated. This plugin currently relies on Prisma Client being in node_modules/@prisma/client
, (the default output location of the generated client).
import prismaPlugin from '@sabinthedev/fastify-prisma'
import Fastify from 'fastify'
const fastify = Fastify()
fastify.register(prismaPlugin)
fastify.get('/', async () => {
// You will get nice intellisense here 👇🏻
const users = await fastify.prisma.user.findMany()
return { users }
})
fastify.listen({ port: 3000 }, (err, address) => {
console.info(`⚡️ Server running at ${address}`)
})
You can also provide an object that contains Prisma Client's constructor arguments. For example, if you would like to manually set the datasource:
fastify.register(prismaPlugin, datasources: {
db: {
url: 'file:./dev.db'
}
})
There are a few caveats with this plugin which, at the moment, have no workarounds I am aware of:
In Prisma, you have the ability via the Prisma schema to change the output directory of the generated client, which defaults to node_modules/@prisma/client
.
This plugin, however, relies on that client being in the default location.
You can set up different schemas in Prisma and generate Prisma Client for each schema. This requires using custom outputs, which is not supported in this plugin for the reason detailed above.
Because the plugin has to look in the node_modules
directory for Prisma Client and registers the prisma
decorator with the type PrismaClient
, certain actions that adjust the type of PrismaClient
will not register correctly in the Fastify instance.
For example, while configuring logging in PrismaClient:
const prisma = new PrismaClient({
log: [{ emit: 'event', level: 'info' }]
})
This will actually adjust the PrismaClient
type and give you the ability to hook into events:
prisma.$on('info', (e) => {
console.log(e)
})
Passing those logging configurations with this plugin will not adjust the type of the prisma
decorator on the Fastify instance, resulting in a type error if you attempt to use the code above.
Just to clarify, this will affect any operation that adjusts the Prisma Client type.
I'm Sabin Adams!
None yet! But contributions are welcome!
Licensed under MIT.
FAQs
A plugin for Fastify to easily register Prisma Client in your Fastify instance
We found that @sabinthedev/fastify-prisma demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.